reactos/ntoskrnl/config/cmparse.c
Hermès Bélusca-Maïto 76f1da5631
[NTOS:CM][CMLIB] Minor code styling
In particular remove some extra-parentheses around single code tokens,
and replace few "DPRINT1 + while (TRUE);" by UNIMPLEMENTED_DBGBREAK.

+ Improve some comments.
2024-01-17 22:09:37 +01:00

2311 lines
76 KiB
C

/*
* PROJECT: ReactOS Kernel
* LICENSE: GPL - See COPYING in the top level directory
* FILE: ntoskrnl/config/cmparse.c
* PURPOSE: Configuration Manager - Object Manager Parse Interface
* PROGRAMMERS: Alex Ionescu (alex.ionescu@reactos.org)
*/
/* INCLUDES ******************************************************************/
#include "ntoskrnl.h"
#define NDEBUG
#include "debug.h"
/* GLOBALS *******************************************************************/
/* FUNCTIONS *****************************************************************/
BOOLEAN
NTAPI
CmpGetNextName(IN OUT PUNICODE_STRING RemainingName,
OUT PUNICODE_STRING NextName,
OUT PBOOLEAN LastName)
{
BOOLEAN NameValid = TRUE;
ASSERT(RemainingName->Length % sizeof(WCHAR) == 0);
/* Check if there's nothing left in the name */
if (!(RemainingName->Buffer) ||
(!RemainingName->Length) ||
!(*RemainingName->Buffer))
{
/* Clear the next name and set this as last */
*LastName = TRUE;
NextName->Buffer = NULL;
NextName->Length = 0;
return TRUE;
}
/* Check if we have a path separator */
while (RemainingName->Length &&
(*RemainingName->Buffer == OBJ_NAME_PATH_SEPARATOR))
{
/* Skip it */
RemainingName->Buffer++;
RemainingName->Length -= sizeof(WCHAR);
RemainingName->MaximumLength -= sizeof(WCHAR);
}
/* Start loop at where the current buffer is */
NextName->Buffer = RemainingName->Buffer;
while (RemainingName->Length &&
(*RemainingName->Buffer != OBJ_NAME_PATH_SEPARATOR))
{
/* Move to the next character */
RemainingName->Buffer++;
RemainingName->Length -= sizeof(WCHAR);
RemainingName->MaximumLength -= sizeof(WCHAR);
}
/* See how many chars we parsed and validate the length */
NextName->Length = (USHORT)((ULONG_PTR)RemainingName->Buffer -
(ULONG_PTR)NextName->Buffer);
if (NextName->Length > 512) NameValid = FALSE;
NextName->MaximumLength = NextName->Length;
/* If there's nothing left, we're last */
*LastName = !RemainingName->Length;
return NameValid;
}
BOOLEAN
NTAPI
CmpGetSymbolicLink(IN PHHIVE Hive,
IN OUT PUNICODE_STRING ObjectName,
IN OUT PCM_KEY_CONTROL_BLOCK SymbolicKcb,
IN PUNICODE_STRING RemainingName OPTIONAL)
{
HCELL_INDEX LinkCell = HCELL_NIL;
PCM_KEY_VALUE LinkValue = NULL;
PWSTR LinkName = NULL;
BOOLEAN LinkNameAllocated = FALSE;
PWSTR NewBuffer;
ULONG Length = 0;
ULONG ValueLength = 0;
BOOLEAN Result = FALSE;
HCELL_INDEX CellToRelease = HCELL_NIL;
PCM_KEY_NODE Node;
UNICODE_STRING NewObjectName;
/* Make sure we're not being deleted */
if (SymbolicKcb->Delete) return FALSE;
/* Get the key node */
Node = (PCM_KEY_NODE)HvGetCell(SymbolicKcb->KeyHive, SymbolicKcb->KeyCell);
if (!Node) goto Exit;
/* Find the symbolic link key */
LinkCell = CmpFindValueByName(Hive, Node, &CmSymbolicLinkValueName);
HvReleaseCell(SymbolicKcb->KeyHive, SymbolicKcb->KeyCell);
if (LinkCell == HCELL_NIL) goto Exit;
/* Get the value cell */
LinkValue = (PCM_KEY_VALUE)HvGetCell(Hive, LinkCell);
if (!LinkValue) goto Exit;
/* Make sure it's a registry link */
if (LinkValue->Type != REG_LINK) goto Exit;
/* Now read the value data */
if (!CmpGetValueData(Hive,
LinkValue,
&ValueLength,
(PVOID*)&LinkName,
&LinkNameAllocated,
&CellToRelease))
{
/* Fail */
goto Exit;
}
/* Get the length */
Length = ValueLength + sizeof(WCHAR);
/* Make sure we start with a slash */
if (*LinkName != OBJ_NAME_PATH_SEPARATOR) goto Exit;
/* Add the remaining name if needed */
if (RemainingName) Length += RemainingName->Length + sizeof(WCHAR);
/* Check for overflow */
if (Length > 0xFFFF) goto Exit;
/* Check if we need a new buffer */
if (Length > ObjectName->MaximumLength)
{
/* We do -- allocate one */
NewBuffer = ExAllocatePoolWithTag(PagedPool, Length, TAG_CM);
if (!NewBuffer) goto Exit;
/* Setup the new string and copy the symbolic target */
NewObjectName.Buffer = NewBuffer;
NewObjectName.MaximumLength = (USHORT)Length;
NewObjectName.Length = (USHORT)ValueLength;
RtlCopyMemory(NewBuffer, LinkName, ValueLength);
/* Check if we need to add anything else */
if (RemainingName)
{
/* Add the remaining name */
NewBuffer[ValueLength / sizeof(WCHAR)] = OBJ_NAME_PATH_SEPARATOR;
NewObjectName.Length += sizeof(WCHAR);
RtlAppendUnicodeStringToString(&NewObjectName, RemainingName);
}
/* Free the old buffer */
ExFreePool(ObjectName->Buffer);
*ObjectName = NewObjectName;
}
else
{
/* The old name is large enough -- update the length */
ObjectName->Length = (USHORT)ValueLength;
if (RemainingName)
{
/* Copy the remaining name inside */
RtlMoveMemory(&ObjectName->Buffer[(ValueLength / sizeof(WCHAR)) + 1],
RemainingName->Buffer,
RemainingName->Length);
/* Add the slash and update the length */
ObjectName->Buffer[ValueLength / sizeof(WCHAR)] = OBJ_NAME_PATH_SEPARATOR;
ObjectName->Length += RemainingName->Length + sizeof(WCHAR);
}
/* Copy the symbolic link target name */
RtlCopyMemory(ObjectName->Buffer, LinkName, ValueLength);
}
/* Null-terminate the whole thing */
ObjectName->Buffer[ObjectName->Length / sizeof(WCHAR)] = UNICODE_NULL;
Result = TRUE;
Exit:
/* Free the link name */
if (LinkNameAllocated) ExFreePool(LinkName);
/* Check if we had a value cell */
if (LinkValue)
{
/* Release it */
ASSERT(LinkCell != HCELL_NIL);
HvReleaseCell(Hive, LinkCell);
}
/* Check if we had an active cell and release it, then return the result */
if (CellToRelease != HCELL_NIL) HvReleaseCell(Hive, CellToRelease);
return Result;
}
NTSTATUS
NTAPI
CmpDoCreateChild(IN PHHIVE Hive,
IN HCELL_INDEX ParentCell,
IN PSECURITY_DESCRIPTOR ParentDescriptor OPTIONAL,
IN PACCESS_STATE AccessState,
IN PUNICODE_STRING Name,
IN KPROCESSOR_MODE AccessMode,
IN PCM_PARSE_CONTEXT ParseContext,
IN PCM_KEY_CONTROL_BLOCK ParentKcb,
IN ULONG Flags,
OUT PHCELL_INDEX KeyCell,
OUT PVOID *Object)
{
NTSTATUS Status = STATUS_SUCCESS;
PCM_KEY_BODY KeyBody;
HCELL_INDEX ClassCell = HCELL_NIL;
PCM_KEY_NODE KeyNode;
PCELL_DATA CellData;
ULONG StorageType;
PCM_KEY_CONTROL_BLOCK Kcb;
PSECURITY_DESCRIPTOR NewDescriptor;
/* Get the storage type */
StorageType = Stable;
if (ParseContext->CreateOptions & REG_OPTION_VOLATILE) StorageType = Volatile;
/* Allocate the child */
*KeyCell = HvAllocateCell(Hive,
FIELD_OFFSET(CM_KEY_NODE, Name) +
CmpNameSize(Hive, Name),
StorageType,
HCELL_NIL);
if (*KeyCell == HCELL_NIL)
{
/* Fail */
Status = STATUS_INSUFFICIENT_RESOURCES;
goto Quickie;
}
/* Get the key node */
KeyNode = (PCM_KEY_NODE)HvGetCell(Hive, *KeyCell);
if (!KeyNode)
{
/* Fail, this should never happen */
ASSERT(FALSE);
Status = STATUS_INSUFFICIENT_RESOURCES;
goto Quickie;
}
/* Release the cell */
HvReleaseCell(Hive, *KeyCell);
/* Check if we have a class name */
if (ParseContext->Class.Length > 0)
{
/* Allocate a class cell */
ClassCell = HvAllocateCell(Hive,
ParseContext->Class.Length,
StorageType,
HCELL_NIL);
if (ClassCell == HCELL_NIL)
{
/* Fail */
Status = STATUS_INSUFFICIENT_RESOURCES;
goto Quickie;
}
}
/* Allocate the Cm Object */
Status = ObCreateObject(AccessMode,
CmpKeyObjectType,
NULL,
AccessMode,
NULL,
sizeof(CM_KEY_BODY),
0,
0,
Object);
if (!NT_SUCCESS(Status)) goto Quickie;
/* Setup the key body */
KeyBody = (PCM_KEY_BODY)(*Object);
KeyBody->Type = CM_KEY_BODY_TYPE;
KeyBody->KeyControlBlock = NULL;
KeyBody->KcbLocked = FALSE;
/* Check if we had a class */
if (ParseContext->Class.Length > 0)
{
/* Get the class cell */
CellData = HvGetCell(Hive, ClassCell);
if (!CellData)
{
/* Fail, this should never happen */
ASSERT(FALSE);
Status = STATUS_INSUFFICIENT_RESOURCES;
ObDereferenceObject(*Object);
goto Quickie;
}
/* Release the cell */
HvReleaseCell(Hive, ClassCell);
/* Copy the class data */
RtlCopyMemory(&CellData->u.KeyString[0],
ParseContext->Class.Buffer,
ParseContext->Class.Length);
}
/* Fill out the key node */
KeyNode->Signature = CM_KEY_NODE_SIGNATURE;
KeyNode->Flags = Flags;
KeQuerySystemTime(&KeyNode->LastWriteTime);
KeyNode->Spare = 0;
KeyNode->Parent = ParentCell;
KeyNode->SubKeyCounts[Stable] = 0;
KeyNode->SubKeyCounts[Volatile] = 0;
KeyNode->SubKeyLists[Stable] = HCELL_NIL;
KeyNode->SubKeyLists[Volatile] = HCELL_NIL;
KeyNode->ValueList.Count = 0;
KeyNode->ValueList.List = HCELL_NIL;
KeyNode->Security = HCELL_NIL;
KeyNode->Class = ClassCell;
KeyNode->ClassLength = ParseContext->Class.Length;
KeyNode->MaxValueDataLen = 0;
KeyNode->MaxNameLen = 0;
KeyNode->MaxValueNameLen = 0;
KeyNode->MaxClassLen = 0;
KeyNode->NameLength = CmpCopyName(Hive, KeyNode->Name, Name);
if (KeyNode->NameLength < Name->Length) KeyNode->Flags |= KEY_COMP_NAME;
/* Create the KCB */
Kcb = CmpCreateKeyControlBlock(Hive,
*KeyCell,
KeyNode,
ParentKcb,
CMP_LOCK_HASHES_FOR_KCB,
Name);
if (!Kcb)
{
/* Fail */
ObDereferenceObjectDeferDelete(*Object);
Status = STATUS_INSUFFICIENT_RESOURCES;
goto Quickie;
}
/* Sanity check */
ASSERT(Kcb->RefCount == 1);
/* Now fill out the Cm object */
KeyBody->NotifyBlock = NULL;
KeyBody->ProcessID = PsGetCurrentProcessId();
KeyBody->KeyControlBlock = Kcb;
/* Link it with the KCB */
EnlistKeyBodyWithKCB(KeyBody, CMP_ENLIST_KCB_LOCKED_EXCLUSIVE);
/* Assign security */
Status = SeAssignSecurity(ParentDescriptor,
AccessState->SecurityDescriptor,
&NewDescriptor,
TRUE,
&AccessState->SubjectSecurityContext,
&CmpKeyObjectType->TypeInfo.GenericMapping,
CmpKeyObjectType->TypeInfo.PoolType);
if (NT_SUCCESS(Status))
{
/*
* FIXME: We must acquire a security lock when assigning
* a security descriptor to this hive but since the
* CmpAssignSecurityDescriptor function does nothing
* (we lack the necessary security management implementations
* anyway), do not do anything for now.
*/
Status = CmpAssignSecurityDescriptor(Kcb, NewDescriptor);
}
/* Now that the security descriptor is copied in the hive, we can free the original */
SeDeassignSecurity(&NewDescriptor);
if (NT_SUCCESS(Status))
{
/* Send notification to registered callbacks */
CmpReportNotify(Kcb, Hive, Kcb->KeyCell, REG_NOTIFY_CHANGE_NAME);
}
Quickie:
/* Check if we got here because of failure */
if (!NT_SUCCESS(Status))
{
/* Free any cells we might've allocated */
if (ParseContext->Class.Length > 0) HvFreeCell(Hive, ClassCell);
HvFreeCell(Hive, *KeyCell);
}
/* Return status */
return Status;
}
NTSTATUS
NTAPI
CmpDoCreate(IN PHHIVE Hive,
IN HCELL_INDEX Cell,
IN PACCESS_STATE AccessState,
IN PUNICODE_STRING Name,
IN KPROCESSOR_MODE AccessMode,
IN PCM_PARSE_CONTEXT ParseContext,
IN PCM_KEY_CONTROL_BLOCK ParentKcb,
OUT PVOID *Object)
{
NTSTATUS Status;
PCELL_DATA CellData;
HCELL_INDEX KeyCell;
ULONG ParentType;
PCM_KEY_BODY KeyBody;
PSECURITY_DESCRIPTOR SecurityDescriptor = NULL;
LARGE_INTEGER TimeStamp;
PCM_KEY_NODE KeyNode;
/* Make sure the KCB is locked and lock the flusher */
CMP_ASSERT_KCB_LOCK(ParentKcb);
CmpLockHiveFlusherShared((PCMHIVE)Hive);
/* Bail out on read-only KCBs */
if (ParentKcb->ExtFlags & CM_KCB_READ_ONLY_KEY)
{
Status = STATUS_ACCESS_DENIED;
goto Exit;
}
/* Check if the parent is being deleted */
if (ParentKcb->Delete)
{
/* It has, quit */
ASSERT(FALSE);
Status = STATUS_OBJECT_NAME_NOT_FOUND;
goto Exit;
}
/* Get the parent node */
KeyNode = (PCM_KEY_NODE)HvGetCell(Hive, Cell);
if (!KeyNode)
{
/* Fail */
ASSERT(FALSE);
Status = STATUS_INSUFFICIENT_RESOURCES;
goto Exit;
}
/* Make sure nobody added us yet */
if (CmpFindSubKeyByName(Hive, KeyNode, Name) != HCELL_NIL)
{
/* Fail */
ASSERT(FALSE);
Status = STATUS_REPARSE;
goto Exit;
}
/* Sanity check */
ASSERT(Cell == ParentKcb->KeyCell);
/* Get the parent type */
ParentType = HvGetCellType(Cell);
if ((ParentType == Volatile) &&
!(ParseContext->CreateOptions & REG_OPTION_VOLATILE))
{
/* Children of volatile parents must also be volatile */
//ASSERT(FALSE);
Status = STATUS_CHILD_MUST_BE_VOLATILE;
goto Exit;
}
/* Don't allow children under symlinks */
if (ParentKcb->Flags & KEY_SYM_LINK)
{
/* Fail */
ASSERT(FALSE);
Status = STATUS_ACCESS_DENIED;
goto Exit;
}
/* Make the cell dirty for now */
HvMarkCellDirty(Hive, Cell, FALSE);
/* Do the actual create operation */
Status = CmpDoCreateChild(Hive,
Cell,
SecurityDescriptor,
AccessState,
Name,
AccessMode,
ParseContext,
ParentKcb,
0,
&KeyCell,
Object);
if (NT_SUCCESS(Status))
{
/* Get the key body */
KeyBody = (PCM_KEY_BODY)(*Object);
/* Now add the subkey */
if (!CmpAddSubKey(Hive, Cell, KeyCell))
{
/* Free the created child */
CmpFreeKeyByCell(Hive, KeyCell, FALSE);
/* Purge out this KCB */
KeyBody->KeyControlBlock->Delete = TRUE;
CmpRemoveKeyControlBlock(KeyBody->KeyControlBlock);
/* And cleanup the key body object */
ObDereferenceObjectDeferDelete(*Object);
Status = STATUS_INSUFFICIENT_RESOURCES;
goto Exit;
}
/* Get the key node */
KeyNode = (PCM_KEY_NODE)HvGetCell(Hive, Cell);
if (!KeyNode)
{
/* Fail, this shouldn't happen */
CmpFreeKeyByCell(Hive, KeyCell, TRUE); // Subkey linked above
/* Purge out this KCB */
KeyBody->KeyControlBlock->Delete = TRUE;
CmpRemoveKeyControlBlock(KeyBody->KeyControlBlock);
/* And cleanup the key body object */
ObDereferenceObjectDeferDelete(*Object);
Status = STATUS_INSUFFICIENT_RESOURCES;
goto Exit;
}
/* Clean up information on this subkey */
CmpCleanUpSubKeyInfo(KeyBody->KeyControlBlock->ParentKcb);
/* Sanity checks */
ASSERT(KeyBody->KeyControlBlock->ParentKcb->KeyCell == Cell);
ASSERT(KeyBody->KeyControlBlock->ParentKcb->KeyHive == Hive);
ASSERT(KeyBody->KeyControlBlock->ParentKcb == ParentKcb);
ASSERT(KeyBody->KeyControlBlock->ParentKcb->KcbMaxNameLen == KeyNode->MaxNameLen);
/* Update the timestamp */
KeQuerySystemTime(&TimeStamp);
KeyNode->LastWriteTime = TimeStamp;
KeyBody->KeyControlBlock->ParentKcb->KcbLastWriteTime = TimeStamp;
/* Check if we need to update name maximum */
if (KeyNode->MaxNameLen < Name->Length)
{
/* Do it */
KeyNode->MaxNameLen = Name->Length;
KeyBody->KeyControlBlock->ParentKcb->KcbMaxNameLen = Name->Length;
}
/* Check if we need to update class length maximum */
if (KeyNode->MaxClassLen < ParseContext->Class.Length)
{
/* Update it */
KeyNode->MaxClassLen = ParseContext->Class.Length;
}
/* Check if we're creating a symbolic link */
if (ParseContext->CreateOptions & REG_OPTION_CREATE_LINK)
{
/* Get the cell data */
CellData = HvGetCell(Hive, KeyCell);
if (!CellData)
{
/* This shouldn't happen */
CmpFreeKeyByCell(Hive, KeyCell, TRUE); // Subkey linked above
/* Purge out this KCB */
KeyBody->KeyControlBlock->Delete = TRUE;
CmpRemoveKeyControlBlock(KeyBody->KeyControlBlock);
/* And cleanup the key body object */
ObDereferenceObjectDeferDelete(*Object);
Status = STATUS_INSUFFICIENT_RESOURCES;
goto Exit;
}
/* Update the flags */
CellData->u.KeyNode.Flags |= KEY_SYM_LINK;
KeyBody->KeyControlBlock->Flags = CellData->u.KeyNode.Flags;
HvReleaseCell(Hive, KeyCell);
}
}
Exit:
/* Release the flusher lock and return status */
CmpUnlockHiveFlusher((PCMHIVE)Hive);
return Status;
}
NTSTATUS
NTAPI
CmpDoOpen(IN PHHIVE Hive,
IN HCELL_INDEX Cell,
IN PCM_KEY_NODE Node,
IN PACCESS_STATE AccessState,
IN KPROCESSOR_MODE AccessMode,
IN ULONG Attributes,
IN PCM_PARSE_CONTEXT Context OPTIONAL,
IN ULONG ControlFlags,
IN OUT PCM_KEY_CONTROL_BLOCK *CachedKcb,
IN PULONG KcbsLocked,
IN PUNICODE_STRING KeyName,
OUT PVOID *Object)
{
NTSTATUS Status;
BOOLEAN LockKcb = FALSE;
BOOLEAN IsLockShared = FALSE;
PCM_KEY_BODY KeyBody = NULL;
PCM_KEY_CONTROL_BLOCK Kcb = NULL;
/* Make sure the hive isn't locked */
if ((Hive->HiveFlags & HIVE_IS_UNLOADING) &&
(((PCMHIVE)Hive)->CreatorOwner != KeGetCurrentThread()))
{
/* It is, don't touch it */
return STATUS_OBJECT_NAME_NOT_FOUND;
}
/* Check if we have a context */
if (Context)
{
/* Check if this is a link create (which shouldn't be an open) */
if (Context->CreateLink)
{
return STATUS_ACCESS_DENIED;
}
/* Check if this is symlink create attempt */
if (Context->CreateOptions & REG_OPTION_CREATE_LINK)
{
/* Key already exists */
return STATUS_OBJECT_NAME_COLLISION;
}
/* Set the disposition */
Context->Disposition = REG_OPENED_EXISTING_KEY;
}
/* Lock the KCB on creation if asked */
if (ControlFlags & CMP_CREATE_KCB_KCB_LOCKED)
{
LockKcb = TRUE;
}
/* Check if caller doesn't want to create a KCB */
if (ControlFlags & CMP_OPEN_KCB_NO_CREATE)
{
/*
* The caller doesn't want to create a KCB. This means the KCB
* is already in cache and other threads may take use of it
* so it has to be locked in share mode.
*/
IsLockShared = TRUE;
/* Check if this is a symlink */
if (((*CachedKcb)->Flags & KEY_SYM_LINK) && !(Attributes & OBJ_OPENLINK))
{
/* Is this symlink found? */
if ((*CachedKcb)->ExtFlags & CM_KCB_SYM_LINK_FOUND)
{
/* Get the real KCB, is this deleted? */
Kcb = (*CachedKcb)->ValueCache.RealKcb;
if (Kcb->Delete)
{
/*
* The real KCB is gone, do a reparse. We used to lock the KCB in
* shared mode as others may have taken use of it but since we
* must do a reparse of the key the only thing that matter is us.
* Lock the KCB exclusively so nobody is going to mess with the KCB.
*/
DPRINT1("The real KCB is deleted, attempt a reparse\n");
CmpUnLockKcbArray(KcbsLocked);
CmpAcquireKcbLockExclusiveByIndex(GET_HASH_INDEX((*CachedKcb)->ConvKey));
CmpCleanUpKcbValueCache(*CachedKcb);
KcbsLocked[0] = 1;
KcbsLocked[1] = GET_HASH_INDEX((*CachedKcb)->ConvKey);
return STATUS_REPARSE;
}
/*
* The symlink has been found. As in the similar case above,
* the KCB of the symlink exclusively, we don't want anybody
* to mess it up.
*/
CmpUnLockKcbArray(KcbsLocked);
CmpAcquireKcbLockExclusiveByIndex(GET_HASH_INDEX((*CachedKcb)->ConvKey));
KcbsLocked[0] = 1;
KcbsLocked[1] = GET_HASH_INDEX((*CachedKcb)->ConvKey);
}
else
{
/* We must do a reparse */
DPRINT("The symlink is not found, attempt a reparse\n");
return STATUS_REPARSE;
}
}
else
{
/* This is not a symlink, just give the cached KCB already */
Kcb = *CachedKcb;
}
/* The caller wants to open a cached KCB */
if (!CmpReferenceKeyControlBlock(Kcb))
{
/* Return failure code */
return STATUS_INSUFFICIENT_RESOURCES;
}
}
else
{
/*
* The caller wants to create a new KCB. Unlike the code path above, here
* we must check if the lock is exclusively held because in the scenario
* where the caller doesn't want to create a KCB is because it is already
* in the cache and it must have a shared lock instead.
*/
ASSERT(CmpIsKcbLockedExclusive(*CachedKcb));
/* Check if this is a symlink */
if ((Node->Flags & KEY_SYM_LINK) && !(Attributes & OBJ_OPENLINK))
{
/* Create the KCB for the symlink */
Kcb = CmpCreateKeyControlBlock(Hive,
Cell,
Node,
*CachedKcb,
LockKcb ? CMP_LOCK_HASHES_FOR_KCB : 0,
KeyName);
if (!Kcb)
{
/* Return failure */
return STATUS_INSUFFICIENT_RESOURCES;
}
/* Make sure it's also locked, and set the pointer */
ASSERT(CmpIsKcbLockedExclusive(Kcb));
*CachedKcb = Kcb;
/* Return reparse required */
return STATUS_REPARSE;
}
/* Create the KCB */
Kcb = CmpCreateKeyControlBlock(Hive,
Cell,
Node,
*CachedKcb,
LockKcb ? CMP_LOCK_HASHES_FOR_KCB : 0,
KeyName);
if (!Kcb)
{
/* Return failure */
return STATUS_INSUFFICIENT_RESOURCES;
}
/* Make sure it's also locked, and set the pointer */
ASSERT(CmpIsKcbLockedExclusive(Kcb));
*CachedKcb = Kcb;
}
/* Allocate the key object */
Status = ObCreateObject(AccessMode,
CmpKeyObjectType,
NULL,
AccessMode,
NULL,
sizeof(CM_KEY_BODY),
0,
0,
Object);
if (NT_SUCCESS(Status))
{
/* Get the key body and fill it out */
KeyBody = (PCM_KEY_BODY)(*Object);
KeyBody->KeyControlBlock = Kcb;
KeyBody->Type = CM_KEY_BODY_TYPE;
KeyBody->ProcessID = PsGetCurrentProcessId();
KeyBody->NotifyBlock = NULL;
/* Link to the KCB */
EnlistKeyBodyWithKCB(KeyBody, IsLockShared ? CMP_ENLIST_KCB_LOCKED_SHARED : CMP_ENLIST_KCB_LOCKED_EXCLUSIVE);
/*
* We are already holding a lock against the KCB that is assigned
* to this key body. This is to prevent a potential deadlock on
* CmpSecurityMethod as ObCheckObjectAccess will invoke the Object
* Manager to call that method, of which CmpSecurityMethod would
* attempt to acquire a lock again.
*/
KeyBody->KcbLocked = TRUE;
if (!ObCheckObjectAccess(*Object,
AccessState,
FALSE,
AccessMode,
&Status))
{
/* Access check failed */
ObDereferenceObject(*Object);
}
/*
* We are done, the lock we are holding will be released
* once the registry parsing is done.
*/
KeyBody->KcbLocked = FALSE;
}
else
{
/* Failed, dereference the KCB */
CmpDereferenceKeyControlBlockWithLock(Kcb, FALSE);
}
/* Return status */
return Status;
}
NTSTATUS
NTAPI
CmpCreateLinkNode(IN PHHIVE Hive,
IN HCELL_INDEX Cell,
IN PACCESS_STATE AccessState,
IN UNICODE_STRING Name,
IN KPROCESSOR_MODE AccessMode,
IN ULONG CreateOptions,
IN PCM_PARSE_CONTEXT Context,
IN PCM_KEY_CONTROL_BLOCK ParentKcb,
IN PULONG KcbsLocked,
OUT PVOID *Object)
{
NTSTATUS Status;
HCELL_INDEX KeyCell, LinkCell, ChildCell;
PCM_KEY_BODY KeyBody;
LARGE_INTEGER TimeStamp;
PCM_KEY_NODE KeyNode;
PCM_KEY_CONTROL_BLOCK Kcb = ParentKcb;
/* Link nodes only allowed on the master */
if (Hive != &CmiVolatileHive->Hive)
{
/* Fail */
DPRINT1("Invalid link node attempt\n");
return STATUS_ACCESS_DENIED;
}
/* Make sure the KCB is locked and lock the flusher */
CMP_ASSERT_KCB_LOCK(ParentKcb);
CmpLockHiveFlusherShared((PCMHIVE)Hive);
CmpLockHiveFlusherShared((PCMHIVE)Context->ChildHive.KeyHive);
/* Bail out on read-only KCBs */
if (ParentKcb->ExtFlags & CM_KCB_READ_ONLY_KEY)
{
Status = STATUS_ACCESS_DENIED;
goto Exit;
}
/* Check if the parent is being deleted */
if (ParentKcb->Delete)
{
/* It is, quit */
ASSERT(FALSE);
Status = STATUS_OBJECT_NAME_NOT_FOUND;
goto Exit;
}
/* Allocate a link node */
LinkCell = HvAllocateCell(Hive,
FIELD_OFFSET(CM_KEY_NODE, Name) +
CmpNameSize(Hive, &Name),
Stable,
HCELL_NIL);
if (LinkCell == HCELL_NIL)
{
/* Fail */
Status = STATUS_INSUFFICIENT_RESOURCES;
goto Exit;
}
/* Get the key cell */
KeyCell = Context->ChildHive.KeyCell;
if (KeyCell != HCELL_NIL)
{
/* Hive exists! */
ChildCell = KeyCell;
/* Get the node data */
KeyNode = (PCM_KEY_NODE)HvGetCell(Context->ChildHive.KeyHive, ChildCell);
if (!KeyNode)
{
/* Fail */
ASSERT(FALSE);
Status = STATUS_INSUFFICIENT_RESOURCES;
goto Exit;
}
/* Fill out the data */
KeyNode->Parent = LinkCell;
KeyNode->Flags |= KEY_HIVE_ENTRY | KEY_NO_DELETE;
HvReleaseCell(Context->ChildHive.KeyHive, ChildCell);
/* Now open the key cell */
KeyNode = (PCM_KEY_NODE)HvGetCell(Context->ChildHive.KeyHive, KeyCell);
if (!KeyNode)
{
/* Fail */
ASSERT(FALSE);
Status = STATUS_INSUFFICIENT_RESOURCES;
goto Exit;
}
/* Open the parent */
Status = CmpDoOpen(Context->ChildHive.KeyHive,
KeyCell,
KeyNode,
AccessState,
AccessMode,
CreateOptions,
NULL,
CMP_CREATE_KCB_KCB_LOCKED,
&Kcb,
KcbsLocked,
&Name,
Object);
HvReleaseCell(Context->ChildHive.KeyHive, KeyCell);
}
else
{
/* Do the actual create operation */
Status = CmpDoCreateChild(Context->ChildHive.KeyHive,
Cell,
NULL,
AccessState,
&Name,
AccessMode,
Context,
ParentKcb,
KEY_HIVE_ENTRY | KEY_NO_DELETE,
&ChildCell,
Object);
if (NT_SUCCESS(Status))
{
/* Setup root pointer */
Context->ChildHive.KeyHive->BaseBlock->RootCell = ChildCell;
}
}
/* Check if open or create suceeded */
if (NT_SUCCESS(Status))
{
/* Mark the cell dirty */
HvMarkCellDirty(Context->ChildHive.KeyHive, ChildCell, FALSE);
/* Get the key node */
KeyNode = (PCM_KEY_NODE)HvGetCell(Context->ChildHive.KeyHive, ChildCell);
if (!KeyNode)
{
/* Fail */
ASSERT(FALSE);
Status = STATUS_INSUFFICIENT_RESOURCES;
goto Exit;
}
/* Release it */
HvReleaseCell(Context->ChildHive.KeyHive, ChildCell);
/* Set the parent and flags */
KeyNode->Parent = LinkCell;
KeyNode->Flags |= KEY_HIVE_ENTRY | KEY_NO_DELETE;
/* Get the link node */
KeyNode = (PCM_KEY_NODE)HvGetCell(Hive, LinkCell);
if (!KeyNode)
{
/* Fail */
ASSERT(FALSE);
Status = STATUS_INSUFFICIENT_RESOURCES;
goto Exit;
}
/* Set it up */
KeyNode->Signature = CM_LINK_NODE_SIGNATURE;
KeyNode->Flags = KEY_HIVE_EXIT | KEY_NO_DELETE;
KeyNode->Parent = Cell;
KeyNode->NameLength = CmpCopyName(Hive, KeyNode->Name, &Name);
if (KeyNode->NameLength < Name.Length) KeyNode->Flags |= KEY_COMP_NAME;
KeQuerySystemTime(&TimeStamp);
KeyNode->LastWriteTime = TimeStamp;
/* Clear out the rest */
KeyNode->SubKeyCounts[Stable] = 0;
KeyNode->SubKeyCounts[Volatile] = 0;
KeyNode->SubKeyLists[Stable] = HCELL_NIL;
KeyNode->SubKeyLists[Volatile] = HCELL_NIL;
KeyNode->ValueList.Count = 0;
KeyNode->ValueList.List = HCELL_NIL;
KeyNode->ClassLength = 0;
/* Reference the root node */
KeyNode->ChildHiveReference.KeyHive = Context->ChildHive.KeyHive;
KeyNode->ChildHiveReference.KeyCell = ChildCell;
HvReleaseCell(Hive, LinkCell);
/* Get the parent node */
KeyNode = (PCM_KEY_NODE)HvGetCell(Hive, Cell);
if (!KeyNode)
{
/* Fail */
ASSERT(FALSE);
Status = STATUS_INSUFFICIENT_RESOURCES;
goto Exit;
}
/* Now add the subkey */
if (!CmpAddSubKey(Hive, Cell, LinkCell))
{
/* Failure! We don't handle this yet! */
ASSERT(FALSE);
}
/* Get the key body */
KeyBody = (PCM_KEY_BODY)*Object;
/* Clean up information on this subkey */
CmpCleanUpSubKeyInfo(KeyBody->KeyControlBlock->ParentKcb);
/* Sanity checks */
ASSERT(KeyBody->KeyControlBlock->ParentKcb->KeyCell == Cell);
ASSERT(KeyBody->KeyControlBlock->ParentKcb->KeyHive == Hive);
ASSERT(KeyBody->KeyControlBlock->ParentKcb->KcbMaxNameLen == KeyNode->MaxNameLen);
/* Update the timestamp */
KeQuerySystemTime(&TimeStamp);
KeyNode->LastWriteTime = TimeStamp;
KeyBody->KeyControlBlock->ParentKcb->KcbLastWriteTime = TimeStamp;
/* Check if we need to update name maximum */
if (KeyNode->MaxNameLen < Name.Length)
{
/* Do it */
KeyNode->MaxNameLen = Name.Length;
KeyBody->KeyControlBlock->ParentKcb->KcbMaxNameLen = Name.Length;
}
/* Check if we need to update class length maximum */
if (KeyNode->MaxClassLen < Context->Class.Length)
{
/* Update it */
KeyNode->MaxClassLen = Context->Class.Length;
}
/* Release the cell */
HvReleaseCell(Hive, Cell);
}
else
{
/* Release the link cell */
HvReleaseCell(Hive, LinkCell);
}
Exit:
/* Release the flusher locks and return status */
CmpUnlockHiveFlusher((PCMHIVE)Context->ChildHive.KeyHive);
CmpUnlockHiveFlusher((PCMHIVE)Hive);
return Status;
}
VOID
NTAPI
CmpHandleExitNode(IN OUT PHHIVE *Hive,
IN OUT HCELL_INDEX *Cell,
IN OUT PCM_KEY_NODE *KeyNode,
IN OUT PHHIVE *ReleaseHive,
IN OUT HCELL_INDEX *ReleaseCell)
{
/* Check if we have anything to release */
if (*ReleaseCell != HCELL_NIL)
{
/* Release it */
ASSERT(*ReleaseHive != NULL);
HvReleaseCell(*ReleaseHive, *ReleaseCell);
}
/* Get the link references */
*Hive = (*KeyNode)->ChildHiveReference.KeyHive;
*Cell = (*KeyNode)->ChildHiveReference.KeyCell;
/* Get the new node */
*KeyNode = (PCM_KEY_NODE)HvGetCell(*Hive, *Cell);
if (*KeyNode)
{
/* Set the new release values */
*ReleaseCell = *Cell;
*ReleaseHive = *Hive;
}
else
{
/* Nothing to release */
*ReleaseCell = HCELL_NIL;
*ReleaseHive = NULL;
}
}
/**
* @brief
* Computes the hashes of each subkey in key path name
* and stores them in a hash stack for cache lookup.
*
* @param[in] RemainingName
* A Unicode string structure consisting of the remaining
* registry key path name.
*
* @param[in] ConvKey
* The hash convkey of the current KCB to be supplied.
*
* @param[in,out] HashCacheStack
* An array stack. This function uses this array to store
* all the computed hashes of a key pathname.
*
* @param[out] TotalSubKeys
* The number of total subkeys that have been found, returned
* by this function to the caller. If no subkey levels are found
* the function returns 0.
*
* @return
* Returns the number of remaining subkey levels to caller.
* If no subkey levels are found then this function returns 0.
*/
static
ULONG
CmpComputeHashValue(
_In_ PUNICODE_STRING RemainingName,
_In_ ULONG ConvKey,
_Inout_ PCM_HASH_CACHE_STACK HashCacheStack,
_Out_ PULONG TotalSubKeys)
{
ULONG CopyConvKey;
ULONG SubkeysInTotal;
ULONG RemainingSubkeysInTotal;
PWCHAR RemainingNameBuffer;
USHORT RemainingNameLength;
USHORT KeyNameLength;
/* Don't compute the hashes on a NULL remaining name */
RemainingNameBuffer = RemainingName->Buffer;
RemainingNameLength = RemainingName->Length;
if (RemainingNameLength == 0)
{
*TotalSubKeys = 0;
return 0;
}
/* Skip any leading separator */
while (RemainingNameLength >= sizeof(WCHAR) &&
*RemainingNameBuffer == OBJ_NAME_PATH_SEPARATOR)
{
RemainingNameBuffer++;
RemainingNameLength -= sizeof(WCHAR);
}
/* Now set up the hash stack entries and compute the hashes */
SubkeysInTotal = 0;
RemainingSubkeysInTotal = 0;
KeyNameLength = 0;
CopyConvKey = ConvKey;
HashCacheStack[RemainingSubkeysInTotal].NameOfKey.Buffer = RemainingNameBuffer;
while (RemainingNameLength > 0)
{
/* Is this character a separator? */
if (*RemainingNameBuffer != OBJ_NAME_PATH_SEPARATOR)
{
/* It's not, add it to the hash */
CopyConvKey = COMPUTE_HASH_CHAR(CopyConvKey, *RemainingNameBuffer);
/* Go to the next character (add up the length of the character as well) */
RemainingNameBuffer++;
KeyNameLength += sizeof(WCHAR);
RemainingNameLength -= sizeof(WCHAR);
/*
* We are at the end of the key name path. Take into account
* the last character and if we still have space in the hash
* stack, add it up in the remaining list.
*/
if (RemainingNameLength == 0)
{
if (RemainingSubkeysInTotal < CMP_SUBKEY_LEVELS_DEPTH_LIMIT)
{
HashCacheStack[RemainingSubkeysInTotal].NameOfKey.Length = KeyNameLength;
HashCacheStack[RemainingSubkeysInTotal].NameOfKey.MaximumLength = KeyNameLength;
HashCacheStack[RemainingSubkeysInTotal].ConvKey = CopyConvKey;
RemainingSubkeysInTotal++;
}
SubkeysInTotal++;
}
}
else
{
/* Skip any leading separator */
while (RemainingNameLength >= sizeof(WCHAR) &&
*RemainingNameBuffer == OBJ_NAME_PATH_SEPARATOR)
{
RemainingNameBuffer++;
RemainingNameLength -= sizeof(WCHAR);
}
/*
* It would be possible that a malformed key pathname may be passed
* to the registry parser such as a path with only separators like
* "\\\\" for example. This would trick the function into believing
* the key path has subkeys albeit that is not the case.
*/
ASSERT(RemainingNameLength != 0);
/* Take into account this subkey */
SubkeysInTotal++;
/* And add it up to the hash stack */
if (RemainingSubkeysInTotal < CMP_SUBKEY_LEVELS_DEPTH_LIMIT)
{
HashCacheStack[RemainingSubkeysInTotal].NameOfKey.Length = KeyNameLength;
HashCacheStack[RemainingSubkeysInTotal].NameOfKey.MaximumLength = KeyNameLength;
HashCacheStack[RemainingSubkeysInTotal].ConvKey = CopyConvKey;
RemainingSubkeysInTotal++;
KeyNameLength = 0;
/*
* Precaution check -- we have added up a remaining
* subkey above but we must ensure we still have space
* to hold up the new subkey for which we will compute
* the hashes, so that we don't blow up the hash stack.
*/
if (RemainingSubkeysInTotal < CMP_SUBKEY_LEVELS_DEPTH_LIMIT)
{
HashCacheStack[RemainingSubkeysInTotal].NameOfKey.Buffer = RemainingNameBuffer;
}
}
}
}
*TotalSubKeys = SubkeysInTotal;
return RemainingSubkeysInTotal;
}
/**
* @brief
* Compares each subkey's hash and name with those
* captured in the hash cache stack.
*
* @param[in] HashCacheStack
* A pointer to a hash cache stack array filled with
* subkey hashes and names for comparison.
*
* @param[in] CurrentKcb
* A pointer to the currently given KCB.
*
* @param[in] RemainingSubkeys
* The remaining subkey levels to be supplied.
*
* @param[out] ParentKcb
* A pointer to the parent KCB returned to the caller.
* This parameter points to the parent of the current
* KCB if all the subkeys match, otherwise it points
* to the actual current KCB.
*
* @return
* Returns TRUE if all the subkey levels match, otherwise
* FALSE is returned.
*/
static
BOOLEAN
CmpCompareSubkeys(
_In_ PCM_HASH_CACHE_STACK HashCacheStack,
_In_ PCM_KEY_CONTROL_BLOCK CurrentKcb,
_In_ ULONG RemainingSubkeys,
_Out_ PCM_KEY_CONTROL_BLOCK *ParentKcb)
{
LONG HashStackIndex;
LONG Result;
PCM_NAME_CONTROL_BLOCK NameBlock;
UNICODE_STRING CurrentNameBlock;
ASSERT(CurrentKcb != NULL);
/* Loop each hash and check that they match */
HashStackIndex = RemainingSubkeys;
while (HashStackIndex >= 0)
{
/* Does the subkey hash match? */
if (CurrentKcb->ConvKey != HashCacheStack[HashStackIndex].ConvKey)
{
*ParentKcb = CurrentKcb;
return FALSE;
}
/* Compare the subkey string, is the name compressed? */
NameBlock = CurrentKcb->NameBlock;
if (NameBlock->Compressed)
{
Result = CmpCompareCompressedName(&HashCacheStack[HashStackIndex].NameOfKey,
NameBlock->Name,
NameBlock->NameLength);
}
else
{
CurrentNameBlock.Buffer = NameBlock->Name;
CurrentNameBlock.Length = NameBlock->NameLength;
CurrentNameBlock.MaximumLength = NameBlock->NameLength;
Result = RtlCompareUnicodeString(&HashCacheStack[HashStackIndex].NameOfKey,
&CurrentNameBlock,
TRUE);
}
/* Do the subkey names match? */
if (Result)
{
*ParentKcb = CurrentKcb;
return FALSE;
}
/* Go to the next subkey hash */
HashStackIndex--;
}
/* All the subkeys match */
*ParentKcb = CurrentKcb->ParentKcb;
return TRUE;
}
/**
* @brief
* Removes the subkeys on a remaining key pathname.
*
* @param[in] HashCacheStack
* A pointer to a hash cache stack array filled with
* subkey hashes and names.
*
* @param[in] RemainingSubkeys
* The remaining subkey levels to be supplied.
*
* @param[in,out] RemainingName
* A Unicode string structure consisting of the remaining
* registry key path name, where the subkeys of such path
* are to be removed.
*/
static
VOID
CmpRemoveSubkeysInRemainingName(
_In_ PCM_HASH_CACHE_STACK HashCacheStack,
_In_ ULONG RemainingSubkeys,
_Inout_ PUNICODE_STRING RemainingName)
{
ULONG HashStackIndex = 0;
/* Skip any leading separator on matching name */
while (RemainingName->Length >= sizeof(WCHAR) &&
RemainingName->Buffer[0] == OBJ_NAME_PATH_SEPARATOR)
{
RemainingName->Buffer++;
RemainingName->Length -= sizeof(WCHAR);
}
/* Skip the subkeys as well */
while (HashStackIndex <= RemainingSubkeys)
{
RemainingName->Buffer += HashCacheStack[HashStackIndex].NameOfKey.Length / sizeof(WCHAR);
RemainingName->Length -= HashCacheStack[HashStackIndex].NameOfKey.Length;
/* Skip any leading separator */
while (RemainingName->Length >= sizeof(WCHAR) &&
RemainingName->Buffer[0] == OBJ_NAME_PATH_SEPARATOR)
{
RemainingName->Buffer++;
RemainingName->Length -= sizeof(WCHAR);
}
/* Go to the next hash */
HashStackIndex++;
}
}
/**
* @brief
* Looks up in the pool cache for key pathname that matches
* with one in the said cache and returns a KCB pointing
* to that name. This function performs locking of KCBs
* during cache lookup.
*
* @param[in] HashCacheStack
* A pointer to a hash cache stack array filled with
* subkey hashes and names.
*
* @param[in] LockKcbsExclusive
* If set to TRUE, the KCBs are locked exclusively by the
* calling thread, otherwise they are locked in shared mode.
* See Remarks for further information.
*
* @param[in] TotalRemainingSubkeys
* The total remaining subkey levels to be supplied.
*
* @param[in,out] RemainingName
* A Unicode string structure consisting of the remaining
* registry key path name. The remaining name is updated
* by the function if a key pathname is found in cache.
*
* @param[in,out] OuterStackArray
* A pointer to an array that lives on the caller's stack.
* The expected size of the array is up to 32 elements,
* which is the imposed limit by CMP_HASH_STACK_LIMIT.
* This limit also corresponds to the maximum depth of
* subkey levels.
*
* @param[in,out] Kcb
* A pointer to a KCB, this KCB is changed if the key pathname
* is found in cache.
*
* @param[out] Hive
* A pointer to a hive, this hive is changed if the key pathname
* is found in cache.
*
* @param[out] Cell
* A pointer to a cell, this cell is changed if the key pathname
* is found in cache.
*
* @param[out] MatchRemainSubkeyLevel
* A pointer to match subkey levels returned by the function.
* If no match levels are found, this is 0.
*
* @return
* Returns STATUS_SUCCESS if cache lookup has completed successfully.
* STATUS_OBJECT_NAME_NOT_FOUND is returned if the current KCB of
* the key pathname has been deleted. STATUS_RETRY is returned if
* at least the current KCB or its parent have been deleted
* and a cache lookup must be retried again. STATUS_UNSUCCESSFUL is
* returned if a KCB is referenced too many times.
*
* @remarks
* The function attempts to do a cache lookup with a shared lock
* on KCBs so that other threads can simultaneously get access
* to these KCBs. When the captured KCB is being deleted on us
* we have to retry a lookup with exclusive look so that no other
* threads will mess with the KCBs and perform appropriate actions
* if a KCB is deleted.
*/
static
NTSTATUS
CmpLookInCache(
_In_ PCM_HASH_CACHE_STACK HashCacheStack,
_In_ BOOLEAN LockKcbsExclusive,
_In_ ULONG TotalRemainingSubkeys,
_Inout_ PUNICODE_STRING RemainingName,
_Inout_ PULONG OuterStackArray,
_Inout_ PCM_KEY_CONTROL_BLOCK *Kcb,
_Out_ PHHIVE *Hive,
_Out_ PHCELL_INDEX Cell,
_Out_ PULONG MatchRemainSubkeyLevel)
{
LONG RemainingSubkeys;
ULONG TotalLevels;
BOOLEAN SubkeysMatch;
PCM_KEY_CONTROL_BLOCK CurrentKcb, ParentKcb;
PCM_KEY_HASH HashEntry = NULL;
BOOLEAN KeyFoundInCache = FALSE;
PULONG LockedKcbs = NULL;
/* Reference the KCB */
if (!CmpReferenceKeyControlBlock(*Kcb))
{
/* This key is opened too many times, bail out */
DPRINT1("Could not reference the KCB, too many references (KCB 0x%p)\n", Kcb);
return STATUS_UNSUCCESSFUL;
}
/* Prepare to lock the KCBs */
LockedKcbs = CmpBuildAndLockKcbArray(HashCacheStack,
LockKcbsExclusive ? CMP_LOCK_KCB_ARRAY_EXCLUSIVE : CMP_LOCK_KCB_ARRAY_SHARED,
*Kcb,
OuterStackArray,
TotalRemainingSubkeys,
0);
NT_ASSERT(LockedKcbs);
/* Lookup in the cache */
RemainingSubkeys = TotalRemainingSubkeys - 1;
TotalLevels = TotalRemainingSubkeys + (*Kcb)->TotalLevels + 1;
while (RemainingSubkeys >= 0)
{
/* Get the hash entry from the cache */
HashEntry = GET_HASH_ENTRY(CmpCacheTable, HashCacheStack[RemainingSubkeys].ConvKey)->Entry;
/* Take one level down as we are processing this hash entry */
TotalLevels--;
while (HashEntry != NULL)
{
/* Validate this hash and obtain the current KCB */
ASSERT_VALID_HASH(HashEntry);
CurrentKcb = CONTAINING_RECORD(HashEntry, CM_KEY_CONTROL_BLOCK, KeyHash);
/* Does this KCB have matching levels? */
if (TotalLevels == CurrentKcb->TotalLevels)
{
/*
* We have matching subkey levels but don't directly assume we have
* a matching key path in cache. Start comparing each subkey.
*/
SubkeysMatch = CmpCompareSubkeys(HashCacheStack,
CurrentKcb,
RemainingSubkeys,
&ParentKcb);
if (SubkeysMatch)
{
/* All subkeys match, now check if the base KCB matches with parent */
if (*Kcb == ParentKcb)
{
/* Is the KCB marked as deleted? */
if (CurrentKcb->Delete ||
CurrentKcb->ParentKcb->Delete)
{
/*
* Either the current or its parent KCB is marked
* but we had a shared lock so probably a naughty
* thread was deleting it. Retry doing a cache
* lookup again with exclusive lock.
*/
if (!LockKcbsExclusive)
{
CmpUnLockKcbArray(LockedKcbs);
CmpDereferenceKeyControlBlock(*Kcb);
DPRINT1("The current KCB or its parent is deleted, retrying looking in the cache\n");
return STATUS_RETRY;
}
/* We're under an exclusive lock, is the KCB deleted yet? */
if (CurrentKcb->Delete)
{
/* The KCB is gone, the key should no longer belong in the cache */
CmpRemoveKeyControlBlock(CurrentKcb);
CmpUnLockKcbArray(LockedKcbs);
CmpDereferenceKeyControlBlock(*Kcb);
DPRINT1("The current KCB is deleted (KCB 0x%p)\n", CurrentKcb);
return STATUS_OBJECT_NAME_NOT_FOUND;
}
/*
* The parent is deleted so it must be that somebody created
* a fake key. Assert ourselves that is the case.
*/
ASSERT(CurrentKcb->ExtFlags & CM_KCB_KEY_NON_EXIST);
/* Remove this KCB out of cache if someone still uses it */
if (CurrentKcb->RefCount != 0)
{
CurrentKcb->Delete = TRUE;
CmpRemoveKeyControlBlock(CurrentKcb);
}
else
{
/* Otherwise expunge it */
CmpRemoveFromDelayedClose(CurrentKcb);
CmpCleanUpKcbCacheWithLock(CurrentKcb, FALSE);
}
/* Stop looking for next hashes as the KCB is kaput */
break;
}
/* We finally found the key in cache, acknowledge it */
KeyFoundInCache = TRUE;
/* Remove the subkeys in the remaining name and stop looking in the cache */
CmpRemoveSubkeysInRemainingName(HashCacheStack, RemainingSubkeys, RemainingName);
break;
}
}
}
/* Go to the next hash */
HashEntry = HashEntry->NextHash;
}
/* Stop looking in cache if we found the matching key */
if (KeyFoundInCache)
{
DPRINT("Key found in cache, stop looking\n");
break;
}
/* Keep looking in the cache until we run out of remaining subkeys */
RemainingSubkeys--;
}
/* Return the matching subkey levels */
*MatchRemainSubkeyLevel = RemainingSubkeys + 1;
/* We have to update the KCB if the key was found in cache */
if (KeyFoundInCache)
{
/*
* Before we change the KCB we must dereference the prior
* KCB that we no longer need it.
*/
CmpDereferenceKeyControlBlock(*Kcb);
*Kcb = CurrentKcb;
/* Reference the new KCB now */
if (!CmpReferenceKeyControlBlock(*Kcb))
{
/* This key is opened too many times, bail out */
DPRINT1("Could not reference the KCB, too many references (KCB 0x%p)\n", Kcb);
return STATUS_UNSUCCESSFUL;
}
/* Update hive and cell data from current KCB */
*Hive = CurrentKcb->KeyHive;
*Cell = CurrentKcb->KeyCell;
}
/* Unlock the KCBs */
CmpUnLockKcbArray(LockedKcbs);
return STATUS_SUCCESS;
}
/**
* @brief
* Builds a hash stack cache and looks up in the
* pool cache for a matching key pathname.
*
* @param[in] ParseObject
* A pointer to a parse object, acting as a key
* body. This parameter is unused.
*
* @param[in,out] Kcb
* A pointer to a KCB. This KCB is used by the
* registry parser after hash stack and cache
* lookup are done. This KCB might change if the
* key is found to be cached in the cache pool.
*
* @param[in] Current
* The current remaining key pathname.
*
* @param[out] Hive
* A pointer to a registry hive, returned by the caller.
*
* @param[out] Cell
* A pointer to a hive cell, returned by the caller.
*
* @param[out] TotalRemainingSubkeys
* A pointer to a number of total remaining subkey levels,
* returned by the caller. This can be 0 if no subkey levels
* have been found.
*
* @param[out] MatchRemainSubkeyLevel
* A pointer to a number of remaining subkey levels that match,
* returned by the caller. This can be 0 if no matching levels
* are found.
*
* @param[out] TotalSubkeys
* A pointer to a number of total subkeys. This can be 0 if no
* subkey levels are found. By definition, both MatchRemainSubkeyLevel
* and TotalRemainingSubkeys are 0 as well.
*
* @param[in,out] OuterStackArray
* A pointer to an array that lives on the caller's stack.
* The expected size of the array is up to 32 elements,
* which is the imposed limit by CMP_HASH_STACK_LIMIT.
* This limit also corresponds to the maximum depth of
* subkey levels.
*
* @param[out] LockedKcbs
* A pointer to an array of locked KCBs, returned by the caller.
*
* @return
* Returns STATUS_SUCCESS if all the operations have succeeded without
* problems. STATUS_NAME_TOO_LONG is returned if the key pathname has
* too many subkey levels (more than 32 levels deep). A failure NTSTATUS
* code is returned otherwise. Refer to CmpLookInCache documentation
* for more information about other returned status codes.
* STATUS_UNSUCCESSFUL is returned if a KCB is referenced too many times.
*/
NTSTATUS
NTAPI
CmpBuildHashStackAndLookupCache(
_In_ PCM_KEY_BODY ParseObject,
_Inout_ PCM_KEY_CONTROL_BLOCK *Kcb,
_In_ PUNICODE_STRING Current,
_Out_ PHHIVE *Hive,
_Out_ PHCELL_INDEX Cell,
_Out_ PULONG TotalRemainingSubkeys,
_Out_ PULONG MatchRemainSubkeyLevel,
_Out_ PULONG TotalSubkeys,
_Inout_ PULONG OuterStackArray,
_Out_ PULONG *LockedKcbs)
{
NTSTATUS Status;
ULONG ConvKey;
ULONG SubkeysInTotal, RemainingSubkeysInTotal, MatchRemainingSubkeys;
CM_HASH_CACHE_STACK HashCacheStack[CMP_SUBKEY_LEVELS_DEPTH_LIMIT];
/* Make sure it's not a dead KCB */
ASSERT((*Kcb)->RefCount > 0);
/* Lock the registry */
CmpLockRegistry();
/* Calculate hash values for every subkey this key path has */
ConvKey = (*Kcb)->ConvKey;
RemainingSubkeysInTotal = CmpComputeHashValue(Current,
ConvKey,
HashCacheStack,
&SubkeysInTotal);
/* This key path has too many subkeys */
if (SubkeysInTotal > CMP_SUBKEY_LEVELS_DEPTH_LIMIT)
{
DPRINT1("The key path has too many subkeys - %lu\n", SubkeysInTotal);
*LockedKcbs = NULL;
return STATUS_NAME_TOO_LONG;
}
/* Return hive and cell data */
*Hive = (*Kcb)->KeyHive;
*Cell = (*Kcb)->KeyCell;
/* Do we have any subkeys? */
if (!RemainingSubkeysInTotal && !SubkeysInTotal)
{
/*
* We don't have any subkeys nor remaining levels, the
* KCB points to the actual key. Lock it.
*/
if (!CmpReferenceKeyControlBlock(*Kcb))
{
/* This key is opened too many times, bail out */
DPRINT1("Could not reference the KCB, too many references (KCB 0x%p)\n", Kcb);
return STATUS_UNSUCCESSFUL;
}
CmpAcquireKcbLockSharedByIndex(GET_HASH_INDEX(ConvKey));
/* Add this KCB in the array of locked KCBs */
OuterStackArray[0] = 1;
OuterStackArray[1] = GET_HASH_INDEX(ConvKey);
*LockedKcbs = OuterStackArray;
/* And return all the subkey level counters */
*TotalRemainingSubkeys = RemainingSubkeysInTotal;
*MatchRemainSubkeyLevel = 0;
*TotalSubkeys = SubkeysInTotal;
return STATUS_SUCCESS;
}
/* Lookup in the cache */
Status = CmpLookInCache(HashCacheStack,
FALSE,
RemainingSubkeysInTotal,
Current,
OuterStackArray,
Kcb,
Hive,
Cell,
&MatchRemainingSubkeys);
if (!NT_SUCCESS(Status))
{
/* Bail out if cache lookup failed for other reasons */
if (Status != STATUS_RETRY)
{
DPRINT1("CmpLookInCache() failed (Status 0x%lx)\n", Status);
*LockedKcbs = NULL;
return Status;
}
/* Retry looking in the cache but with KCBs locked exclusively */
Status = CmpLookInCache(HashCacheStack,
TRUE,
RemainingSubkeysInTotal,
Current,
OuterStackArray,
Kcb,
Hive,
Cell,
&MatchRemainingSubkeys);
if (!NT_SUCCESS(Status))
{
DPRINT1("CmpLookInCache() failed after retry (Status 0x%lx)\n", Status);
*LockedKcbs = NULL;
return Status;
}
}
/*
* Check if we have a full match of remaining levels.
*
* FIXME: It is possible we can catch a fake key from the cache
* when we did the lookup, in such case we should not do any
* locking as such KCB does not point to any real information.
* Currently ReactOS doesn't create fake KCBs so we are good
* for now.
*/
if (RemainingSubkeysInTotal == MatchRemainingSubkeys)
{
/*
* Just simply lock this KCB as it points to the full
* subkey levels in cache.
*/
CmpAcquireKcbLockSharedByIndex(GET_HASH_INDEX((*Kcb)->ConvKey));
OuterStackArray[0] = 1;
OuterStackArray[1] = GET_HASH_INDEX((*Kcb)->ConvKey);
*LockedKcbs = OuterStackArray;
}
else
{
/*
* We only have a partial match so other subkey levels
* have each KCB. Simply just lock them.
*/
*LockedKcbs = CmpBuildAndLockKcbArray(HashCacheStack,
CMP_LOCK_KCB_ARRAY_EXCLUSIVE,
*Kcb,
OuterStackArray,
RemainingSubkeysInTotal,
MatchRemainingSubkeys);
NT_ASSERT(*LockedKcbs);
}
/* Return all the subkey level counters */
*TotalRemainingSubkeys = RemainingSubkeysInTotal;
*MatchRemainSubkeyLevel = MatchRemainingSubkeys;
*TotalSubkeys = SubkeysInTotal;
return Status;
}
NTSTATUS
NTAPI
CmpParseKey(IN PVOID ParseObject,
IN PVOID ObjectType,
IN OUT PACCESS_STATE AccessState,
IN KPROCESSOR_MODE AccessMode,
IN ULONG Attributes,
IN OUT PUNICODE_STRING CompleteName,
IN OUT PUNICODE_STRING RemainingName,
IN OUT PVOID Context OPTIONAL,
IN PSECURITY_QUALITY_OF_SERVICE SecurityQos OPTIONAL,
OUT PVOID *Object)
{
NTSTATUS Status;
PCM_KEY_CONTROL_BLOCK Kcb, ParentKcb;
PHHIVE Hive = NULL;
PCM_KEY_NODE Node = NULL;
HCELL_INDEX Cell = HCELL_NIL, NextCell;
PHHIVE HiveToRelease = NULL;
HCELL_INDEX CellToRelease = HCELL_NIL;
UNICODE_STRING Current, NextName;
PCM_PARSE_CONTEXT ParseContext = Context;
ULONG TotalRemainingSubkeys = 0, MatchRemainSubkeyLevel = 0, TotalSubkeys = 0;
ULONG LockedKcbArray[CMP_KCBS_IN_ARRAY_LIMIT];
PULONG LockedKcbs;
BOOLEAN IsKeyCached = FALSE;
BOOLEAN Result, Last;
PAGED_CODE();
/* Loop path separators at the end */
while (RemainingName->Length &&
(RemainingName->Buffer[(RemainingName->Length / sizeof(WCHAR)) - 1] ==
OBJ_NAME_PATH_SEPARATOR))
{
/* Remove path separator */
RemainingName->Length -= sizeof(WCHAR);
}
/* Fail if this isn't a key object */
if (ObjectType != CmpKeyObjectType) return STATUS_OBJECT_TYPE_MISMATCH;
/* Copy the remaining name */
Current = *RemainingName;
/* Check if this is a create */
if (!ParseContext || !ParseContext->CreateOperation)
{
/* It isn't, so no context */
ParseContext = NULL;
}
/* Grab the KCB */
Kcb = ((PCM_KEY_BODY)ParseObject)->KeyControlBlock;
/* Sanity check */
ASSERT(Kcb != NULL);
/* Fail if the key was marked as deleted */
if (Kcb->Delete)
return STATUS_KEY_DELETED;
/* Lookup in the cache */
Status = CmpBuildHashStackAndLookupCache(ParseObject,
&Kcb,
&Current,
&Hive,
&Cell,
&TotalRemainingSubkeys,
&MatchRemainSubkeyLevel,
&TotalSubkeys,
LockedKcbArray,
&LockedKcbs);
CMP_ASSERT_REGISTRY_LOCK();
if (!NT_SUCCESS(Status))
{
DPRINT1("Failed to look in cache, stop parsing (Status 0x%lx)\n", Status);
ParentKcb = NULL;
goto Quickie;
}
/* This is now the parent */
ParentKcb = Kcb;
/* Sanity check */
ASSERT(ParentKcb != NULL);
/* Don't do anything if we're being deleted */
if (Kcb->Delete)
{
Status = STATUS_OBJECT_NAME_NOT_FOUND;
goto Quickie;
}
/* Check if everything was found cached */
if (!TotalRemainingSubkeys)
{
/*
* We don't have any remaining subkey levels so we're good
* that we have an already perfect candidate for a KCB, just
* do the open directly.
*/
DPRINT("No remaining subkeys, the KCB points to the actual key\n");
IsKeyCached = TRUE;
goto KeyCachedOpenNow;
}
/* Check if we have a matching level */
if (MatchRemainSubkeyLevel)
{
/*
* We have a matching level, check if that matches
* with the total levels of subkeys. Do the open directly
* if that is the case, because the whole subkeys levels
* is cached.
*/
if (MatchRemainSubkeyLevel == TotalSubkeys)
{
DPRINT("We have a full matching level, open the key now\n");
IsKeyCached = TRUE;
goto KeyCachedOpenNow;
}
/*
* We only have a partial match, make sure we did not
* get mismatched hive data.
*/
ASSERT(Hive == Kcb->KeyHive);
ASSERT(Cell == Kcb->KeyCell);
}
/*
* FIXME: Currently the registry parser doesn't check for fake
* KCBs. CmpCreateKeyControlBlock does have the necessary implementation
* to create such fake keys but we don't create these fake keys anywhere.
* When we will do, we must improve the registry parser routine to handle
* fake keys a bit differently here.
*/
/* Check if this is a symlink */
if (Kcb->Flags & KEY_SYM_LINK)
{
/* Get the next name */
Result = CmpGetNextName(&Current, &NextName, &Last);
Current.Buffer = NextName.Buffer;
/* Validate the current name string length */
if (Current.Length + NextName.Length > MAXUSHORT)
{
/* too long */
Status = STATUS_NAME_TOO_LONG;
goto Quickie;
}
Current.Length += NextName.Length;
/* Validate the current name string maximum length */
if (Current.MaximumLength + NextName.MaximumLength > MAXUSHORT)
{
/* too long */
Status = STATUS_NAME_TOO_LONG;
goto Quickie;
}
Current.MaximumLength += NextName.MaximumLength;
/* CmpGetSymbolicLink doesn't want a lock */
CmpUnLockKcbArray(LockedKcbs);
LockedKcbs = NULL;
/* Parse the symlink */
if (CmpGetSymbolicLink(Hive,
CompleteName,
Kcb,
&Current))
{
/* Symlink parse succeeded */
Status = STATUS_REPARSE;
}
else
{
/* Couldn't find symlink */
Status = STATUS_OBJECT_NAME_NOT_FOUND;
}
/* We're done */
goto Quickie;
}
/* Get the key node */
Node = (PCM_KEY_NODE)HvGetCell(Hive, Cell);
if (!Node)
{
Status = STATUS_INSUFFICIENT_RESOURCES;
goto Quickie;
}
/* Start parsing */
Status = STATUS_NOT_IMPLEMENTED;
while (TRUE)
{
/* Get the next component */
Result = CmpGetNextName(&Current, &NextName, &Last);
if (Result && NextName.Length)
{
/* See if this is a sym link */
if (!(Kcb->Flags & KEY_SYM_LINK))
{
/* Find the subkey */
NextCell = CmpFindSubKeyByName(Hive, Node, &NextName);
if (NextCell != HCELL_NIL)
{
/* Get the new node */
Cell = NextCell;
Node = (PCM_KEY_NODE)HvGetCell(Hive, Cell);
ASSERT(Node);
/* Check if this was the last key */
if (Last)
{
/* Is this an exit node */
if (Node->Flags & KEY_HIVE_EXIT)
{
/* Handle it */
CmpHandleExitNode(&Hive,
&Cell,
&Node,
&HiveToRelease,
&CellToRelease);
if (!Node)
{
/* Fail */
Status = STATUS_INSUFFICIENT_RESOURCES;
break;
}
}
KeyCachedOpenNow:
/* Do the open */
Status = CmpDoOpen(Hive,
Cell,
Node,
AccessState,
AccessMode,
Attributes,
ParseContext,
IsKeyCached ? CMP_OPEN_KCB_NO_CREATE : CMP_CREATE_KCB_KCB_LOCKED,
&Kcb,
LockedKcbs,
&NextName,
Object);
if (Status == STATUS_REPARSE)
{
/* CmpGetSymbolicLink doesn't want a lock */
CmpUnLockKcbArray(LockedKcbs);
LockedKcbs = NULL;
/* Parse the symlink */
if (!CmpGetSymbolicLink(Hive,
CompleteName,
Kcb,
NULL))
{
/* Symlink parse failed */
Status = STATUS_OBJECT_NAME_NOT_FOUND;
}
}
/* We are done */
break;
}
/* Is this an exit node */
if (Node->Flags & KEY_HIVE_EXIT)
{
/* Handle it */
CmpHandleExitNode(&Hive,
&Cell,
&Node,
&HiveToRelease,
&CellToRelease);
if (!Node)
{
/* Fail */
Status = STATUS_INSUFFICIENT_RESOURCES;
break;
}
}
/* Create a KCB for this key */
Kcb = CmpCreateKeyControlBlock(Hive,
Cell,
Node,
ParentKcb,
CMP_LOCK_HASHES_FOR_KCB,
&NextName);
if (!Kcb)
{
/* Fail */
Status = STATUS_INSUFFICIENT_RESOURCES;
break;
}
/* Dereference the parent and set the new one */
CmpDereferenceKeyControlBlockWithLock(ParentKcb, FALSE);
ParentKcb = Kcb;
}
else
{
/* Check if this was the last key for a create */
if (Last && ParseContext)
{
/* Check if we're doing a link node */
if (ParseContext->CreateLink)
{
/* The only thing we should see */
Status = CmpCreateLinkNode(Hive,
Cell,
AccessState,
NextName,
AccessMode,
Attributes,
ParseContext,
ParentKcb,
LockedKcbs,
Object);
}
else if (Hive == &CmiVolatileHive->Hive && CmpNoVolatileCreates)
{
/* Creating keys in the master hive is not allowed */
Status = STATUS_INVALID_PARAMETER;
}
else
{
/* Do the create */
Status = CmpDoCreate(Hive,
Cell,
AccessState,
&NextName,
AccessMode,
ParseContext,
ParentKcb,
Object);
}
/* Check for reparse (in this case, someone beat us) */
if (Status == STATUS_REPARSE) break;
/* Update disposition */
ParseContext->Disposition = REG_CREATED_NEW_KEY;
break;
}
else
{
/* Key not found */
Status = STATUS_OBJECT_NAME_NOT_FOUND;
break;
}
}
}
else
{
/* Save the next name */
Current.Buffer = NextName.Buffer;
/* Validate the current name string length */
if (Current.Length + NextName.Length > MAXUSHORT)
{
/* too long */
Status = STATUS_NAME_TOO_LONG;
break;
}
Current.Length += NextName.Length;
/* Validate the current name string maximum length */
if (Current.MaximumLength + NextName.MaximumLength > MAXUSHORT)
{
/* too long */
Status = STATUS_NAME_TOO_LONG;
break;
}
Current.MaximumLength += NextName.MaximumLength;
/* CmpGetSymbolicLink doesn't want a lock */
CmpUnLockKcbArray(LockedKcbs);
LockedKcbs = NULL;
/* Parse the symlink */
if (CmpGetSymbolicLink(Hive,
CompleteName,
Kcb,
&Current))
{
/* Symlink parse succeeded */
Status = STATUS_REPARSE;
}
else
{
/* Couldn't find symlink */
Status = STATUS_OBJECT_NAME_NOT_FOUND;
}
/* We're done */
break;
}
}
else if (Result && Last)
{
/* Opening the root. Is this an exit node? */
if (Node->Flags & KEY_HIVE_EXIT)
{
/* Handle it */
CmpHandleExitNode(&Hive,
&Cell,
&Node,
&HiveToRelease,
&CellToRelease);
if (!Node)
{
/* Fail */
Status = STATUS_INSUFFICIENT_RESOURCES;
break;
}
}
/* Do the open */
Status = CmpDoOpen(Hive,
Cell,
Node,
AccessState,
AccessMode,
Attributes,
ParseContext,
CMP_OPEN_KCB_NO_CREATE,
&Kcb,
LockedKcbs,
&NextName,
Object);
if (Status == STATUS_REPARSE)
{
/* Nothing to do */
}
/* We're done */
break;
}
else
{
/* Bogus */
Status = STATUS_INVALID_PARAMETER;
break;
}
}
Quickie:
/* Unlock all the KCBs */
if (LockedKcbs != NULL)
{
CmpUnLockKcbArray(LockedKcbs);
}
/* Dereference the parent if it exists */
if (ParentKcb)
CmpDereferenceKeyControlBlock(ParentKcb);
/* Unlock the registry */
CmpUnlockRegistry();
return Status;
}